Are .htaccess files secure? I don't want users to be able to use
<perl>...</perl> sections or any other mod_perl constructs (setting scripts
to run via the Registry, for example) in .htaccess files. However, I need
.htaccess files turned on so users can password protect directories
site-wide (so I can't shut .htaccess files off completely.)
Is there any need to worry? I can't have users writing any code that will be
executed by the primary httpd process ... all user CGI execution is done via
mod_cgi and SuEXEC.
Thanks,
-Rob Giseburt
--------------------------------
Random Quote:
"When the chips are down, the buffalo is empty."
(author unknown)
--------------------------------